40 lines
1.0 KiB
Ruby
40 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module PagesDomains
|
|
class CreateAcmeOrderService
|
|
# elliptic curve algorithm to generate the private key
|
|
ECDSA_CURVE = "prime256v1"
|
|
|
|
attr_reader :pages_domain
|
|
|
|
def initialize(pages_domain)
|
|
@pages_domain = pages_domain
|
|
end
|
|
|
|
def execute
|
|
lets_encrypt_client = Gitlab::LetsEncrypt::Client.new
|
|
order = lets_encrypt_client.new_order(pages_domain.domain)
|
|
|
|
challenge = order.new_challenge
|
|
|
|
private_key = if Feature.enabled?(:pages_lets_encrypt_ecdsa, pages_domain.project)
|
|
OpenSSL::PKey::EC.generate(ECDSA_CURVE)
|
|
else
|
|
OpenSSL::PKey::RSA.new(4096)
|
|
end
|
|
|
|
saved_order = pages_domain.acme_orders.create!(
|
|
url: order.url,
|
|
expires_at: order.expires,
|
|
private_key: private_key.to_pem,
|
|
|
|
challenge_token: challenge.token,
|
|
challenge_file_content: challenge.file_content
|
|
)
|
|
|
|
challenge.request_validation
|
|
saved_order
|
|
end
|
|
end
|
|
end
|